Ubuntu Networking :: Upstart Vs. Multiple IP Addresses ?
Jan 27, 2010
I have run into a problem that I've tracked down to being a conflict between the "Upstart" init system, and how it handles multiple (alias) IP addresses per physical interface. The summary of the problem is that the interfaces are being configured in the background in parallel with the starting of daemons. One "feature" of this (apparently intended for pluggable devices that would add or remove an interface) is that the network daemons are restarted each time an interface is added (and presumably deleted). But this is a disaster when applied to alias IP addresses.
I first saw the effects of this when during booting Ubuntu Server, the screen showed a message about OpenSSH daemon being restarted ... several times a few seconds apart each. At the time I didn't know what was causing that, but didn't worry because it ultimately was running when I needed it.
But now that I am deploying these servers for specific duty with many IP addresses per system (per network interface), the symptoms are becoming serious, and I need a solution.
1. The IP addresses are coming online too slowly. Apparently the time it takes to restart each daemon is being added to each address being configured.
2. It appears to be disrupting some daemons sometimes. Occaisionally, some daemon just ends up being hung somewhere, or dies. Too many restarts.
3. Sometimes few or even no alias addresses get configured. This might be due to a daemon getting hung, and the whole sequence just not finishing.
4. The "nsd" name server as packaged by Ubuntu doesn't deal well with this at all. It needs all its IP addresses to be up when it starts, or else it won't start. The Ubuntu package of it doesn't including any if-up script at all, although I'm not sure that would do any good.
What I need is a way to configure all these alias IP addresses so they are all configured immediately when the point in time is reached to bring up network interfaces for the first time. These are all static, and all are aliases on ethernet NIC cards plugged into PCIe cards, or integrated in the mainboard. None of them are pluggables. I did run a manual test of "ifconfig" in a loop configuring 2540 alias IP address on eth0 and it only took 2 seconds (no if-up triggers or daemon restarts here). So I know it's fast if nothing else is done between these steps.
Even for pluggable physical interfaces, I see no reason to even try to step through every alias (if it has aliases) with a daemon restart. If an alias IP address is added on later, then I can understand doing it. But if you have a list of 100 aliases for a physical interface, they really should all be done ... or at least attempted ... at once, and do any triggers needed after that.
So, how can I configure or modify Ubuntu Server 9.10 to do that?
I have each alias listed in the "/etc/network/interfaces" file with a separate "auto" and "iface" section for each one, with sequential sub-interface numbers appended to the interface name. I tried it without those sections (e.g. just "address" and other items in sequence) and that prevents the system from even coming up (bootable CD to the rescue to undo that). At least cntrl-alt-del did reboot it.
I tried to attach the /etc/network/interfaces file, but I don't know if it worked because I see no confirmations about it. if it didn't attach and you need to see it, say so, and I'll just paste it in a followup.
My Linux gateway has multiple address to internet: eth0 = 22.214.171.124 eth0:0 = 126.96.36.199 eth0:1 = 188.8.131.52 and it's own gateway which is 184.108.40.206 (probably not relevant) and I also have which is not internet, but local: eth0:2 = 192.168.0.1 netmask 255.255.255.0
They all work fine and tested. Now I am sharing the internet through eth0 (220.127.116.11) to 192.168.0.1/24 and that's working fine. The script I use to do that is here...
Code: #!/bin/sh echo 1 >/proc/sys/net/ipv4/ip_forward echo 1 >/proc/sys/net/ipv4/ip_dynaddr iptables -t nat --flush iptables -A FORWARD -i eth0 -d 192.168.0.1/24 -m state --state ESTABLISHED,RELATED -j ACCEPT iptables -A FORWARD -s 192.168.0.1/24 -o eth0 -j ACCEPT iptables -A FORWARD -j LOG iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
Now all I want to change in the script is to share it through 18.104.22.168 (eth0:1) instead of what is already sharing through 22.214.171.124 (eth0). I am sure this is easy but can't work it out and iptables doesn't accept 'aliases'. How I can do this by modifying this script?
This works perfectly, however when I try to add a second client this way it doesnt. I tried to add the above code multiple times as a whole (2 times the above code) but that doesnt work. I also tried to just add more lines under host apex but this also doesnt work.
So my question is: How do I add more of this mac related IP adress assignments in the dhcp.conf?
iptables and multiple public-facing IP addresses. With the current setup I have a public-facing firewall with iptables which will then forward traffic to a LAN IP. I will hopefully be allotted 1 private IP per public IP, which I hope will make this much more simple. For example, I have server A with the LAN IP of 10.0.0.1 which I would like to have traffic forwarded from 126.96.36.199, the public IP. I also have server B with LAN IP of 10.0.0.2 which I would like to have forwarded from 188.8.131.52, the second public IP. From what I have read and understood, this should be a simple task, however I would just like to double check to make sure that it is in fact possible, and if so, how would it be recommended that I go about doing so. Essentially, I need to forward each public IP to a corresponding LAN IP with all ports.
I have a CentOS5 server with dual ethernet adapters + Webmin installed as my Router / Firewall / DHCP server working successfully with 1 static IP from my ISP. I also have 7 additional static IP addresses from my ISP needing to configure to individual servers inside my network. I have configured the additional virtual interfaces, but am lost on how to route data specifically from additional ISP address to specific internal network address.
Below is my desired configuration. 98.173.159.xx1 = eth0 physical interface ==> eth1 192.168.1.1 98.173.159.xx2 = eth0:1 virtual interface ==> 192.168.1.10 ==> CentOS Server 2 98.173.159.xx3 = eth0:2 virtual interface ==> 192.168.1.20 ==> CentOS Server 3 98.173.159.xx4 = eth0:3 virtual interface ==> 192.168.1.30 ==> CentOS Server 4 98.173.159.xx5 = eth0:4 virtual interface ==> 192.168.1.40 ==> Mac OS X Server 1 98.173.159.xx6 = eth0:5 virtual interface ==> 192.168.1.50 ==> Mac OS X Server 1 98.173.159.xx7 = eth0:6 virtual interface ==> 192.168.1.60 ==> Network Attached Storage Server 1 98.173.159.xx8 = eth0:7 virtual interface ==> 192.168.1.70 ==> Windows 2008 Server 1
I recently installed Ubuntu Server 9.10 with the intent of using it as a platform for running a couple of Windows XP virtual machines along with Linux/Ubuntu.
I had no problems getting the server installed. Had no problems getting the network up and running so that I had access to both my internal network as well as external connectivity to the internet. Had no problems getting a VM installed and putting Windows XP inside of it. Had no problems setting up a bridge between the WinXP virtual machine and the physical ethernet card (eth0).
What Im having trouble with is figuring out how to bridge from multiple VMs AND Ubuntu natively through one physical ethernet card.
When I set up the bridge, it knocks out the static IP address of the ethernet card that was set up initially with Ubuntu when first installed before the VM was created and installed. Therefore, connectivity within Ubuntu natively is lost.
Similarly, am having trouble figuring out how the second VM (also going to be running WinXP) is going to get its connectivity since it doesnt seem to like me setting up 2 bridges to the same physical ethernet interface card.
I need all 3 machines to have static IP addresses and be visible/accessible from the external network for either web/mail/dns/etc servers on the Ubuntu side and for remote PC control functionality on the VM side.
I have tried setting up alias ethernet interfaces (eth0:1, eth0:2, eth0:3) with static addresses which work fine from native Ubuntu in presenting multiple IP addressees, but it seems that Im not permitted to bridge to these alias interfaces.
I'm renting a server which comes with 5 IP addresses, but only one network device. From what I can understand I'm able to create aliases by adding entries to /etc/networks/interfaces, I haven't tried I'm in the planning stages. Hypothetically, 192.168.22.30 is my primary IP and I want to set eth0:1 to have 192.168.22.31, and then after that I want to create a virtual machine (using kvm/qemu) that is able to communicate bidirectionally to the internet over eth0:1, and leave eth0 strictly for administrating (not for VM traffic).
The qemu guides I'm finding seem to assume that I want to use TAP or VDE, what I want to use is a sub-ip/alias. One guide I saw had me eliminate everything from eth0 and put it under br0. That would leave me unable to ssh into my server (and unable to administrate). Is there a way I can do something along the lines of: qemu [options] -net [option] -netdev=eth0:1 ?
I set-up his mail server for him with Postfix but what he wants I have no idea how to do.
Essentially he wants it so that the mail gateway IP corresponds with the dedicated IP of the domain and I have no idea how to accomplish this.
I found some documentation on the web saying that the fix for this was to run multiple instances of Postfix which I tried doing but each time I try to start the second instance I get the error that postfix is already running.
There has to be an elegant way to make this happen, I really hate to tell a client something can't be done even though the concept is a bit pointless, IMHO. I am hoping I can get some feedback here on if this can be done and if it can the easiest way for me to accomplish doing it.
Here is some of the config files (example.com has been put in place of the actual domain names and the ip of 184.108.40.206 is in place of the actual IPs
This is the current setup that we have: We have approx 20 clients who pay us to send out a type of e-mail called an E-Blast to their customers. We currently are using 5 Microsoft Windows Virtual Servers to do this. The problem is that those machines are starting to break down. There are times that it will take Microsoft Windows approx 9-10 hours to complete 1 job. This is way too long. We want to move away from Microsoft Windows for this particular type of job as it seems there are more customers who are wanting to use this type of advertising.
It seems that using a Linux Server "Command Line or Shell" environment would be the best way to go as there is no GUI like Windows. Since there is just text...that is something that would/should process very, very quickly.
I am in the process of setting up a new SMTP outbound mail server. This is the current software & configuration (what is installed on this new machine):
All of the customer data (Names, E-Mail Addresses, etc that these e-mails are going to) are currently loaded in a Microsoft SQL Database.
My machine that I am using is plugged into the DMZ. I have 1 ip address for the 1 network card. I have also added/bound 4 more ip addresses to that network card.
I have configured Postfix for Multiple IP Addresses.
I can, from the command line, send successful test e-mails and receive them in my personal account.
As far as I know everything is setup correctly. I can and will post requested information so that it can be verified that everything is setup correctly.
Here are a couple of my questions:
Ensure that I have my Network / Interfaces file and my Postfix's Master.cf/Main.cf files setup correctly?
How can I setup this server to be an Outbound SMTP server and get it to use all 5 of the IP Addresses to send these e-mails quickly?
What can I use to check and ensure that this server is in fact sending out emails on all 5 IP
Addresses (I heard that there is a program named "Postal" that may help in determing this).
Our system uses email to send fairly time-sensitive status messages between programs running on various servers on a WAN. Each email message is sent to two addresses (different servers). The problem occurs when one of the destination mail servers is off the network. I think because it's trying to send one email to two addresses, sendmail attempts delivery to the first address, then to the second address (i.e., serially). When this happens, it hangs for two connect timeout (CONNECT_TO) periods trying to connect to the offline destination, then after the timeout, it then delivers to the other destination. I'm trying to figure out how to work around that connection delay so it doesn't delay delivery to the other destination.
I'm working with the network guys to enable the right ICMP messages that signal when a network is unavailable, but I would also like to try having sendmail split the emails into two envelopes, then use parallel, independent connections for delivery.
After days of reading through the docs (O'Rielly Sendmail book + sendmail docs) I think one way to do this is to use multiple mail queues, but I can't decipher exactly how to do that from the docs.
There might be other, more elegant ways to do the same thing, but again, trying to decipher the docs has my head swimming. (This is my first experience with sendmail.)
I have the following problem: There are three NFS mounts in /etc/fstab, which are automatically mounted. The network connection runs over NetworkManager. Since NWM brings up the network asynchronously, NFS doesn't mount correctly on the first try, but is loaded soon enough since mount automatically retries until it works.
I can live with the fact that I have an error in my boot messages, since everything is up in time for the user. But, I need a (selfmade) upstart script which depends on the NFS mount being up. Even using "remote-filesystems" as the trigger doesn't help, because the trigger is apparently sent after the first failed try (I checked with cat /proc/mounts in my script, the nfs mounts are clearly not up.) Can I somehow force the remote mounts to wait until NWM is up, or make the NFS mount emit an event when the mounts really get mounted?
I have a Dell Inspiron 1545 with Ubuntu Karmic that was working like a charm until last week.When I'm using my college's wireless I can browse just fine, but when I'm in my home's network the web addresses cannot be resolved.I was suspecting of DNS error, but it's the same DNS address in all the other computers, and the whole network is working just fine.The thing is that if I use the IPs, for instance 220.127.116.11 for Google, it works fine, both pinging and browsing. So the problem is in resolving the addresses...
I am running a dual boot PC, Ubuntu 10.10 & Win7. I do sticky static IPs on my local network, but it doesn't work cause the Ethernet adapter gets a different MAC address in Windows 7 (EF:9F:E9:F7:F7:F7) than it shows for Ubuntu 10.10 (00:13:74:00:5C:3. I am not sure if this is a Windows problem or something up with Ubuntu. The card is an on-board Atheros L2 fast Ethernet adapter. I have tried updating the drivers in Windows & nothing is working.
Is it possible to configure two IP addresses using one NIC? I'm implementing a VPN server on network 192.168.1.0, ultimately to be accessed over the Internet and through an ADSL router with port-forwarding to the server. Right now I'd like to test it on the LAN, but with the VPN client and server both on the 192.168.1.0 network, that test would not be be valid.
If I had a spare NIC I could put the server on both the 192.168.1.0 network and, say, a 10.0.0.0 network, configure the client on 10.0.0.0 and test. Not having a spare NIC, I'm wondering if it is possible to configure the server with two IP addressese NIC.Virtualising hosts are able to do something similar when running guests with NICs in bridged mode. Log files show they switch eth0 into promiscuouse.In case it matters the server OS is Slackware 13.0.
I've happened across a wireless router that has a gateway address of 192.168.0.1 and allots IPs from 192.168.0.64-255. My laptop wouldn't connect to it automatically, so I was playing around and found that it needed 0.x instead of 1.x. I thought the network manager on ubuntu would have figured that out?! Now its a separate story that the router happens to have no admin password
I'm trying to assign like 80 IPv6 addresses on eth0 for virtual webhosting, but after 55 addresses I get the following error:# ip addr add 2a01:9f8:a171:1651::4b:a8af dev eth0 RTNETLINK answers: File exists.What's the problem? I don't understand that error message at all. Is the number of IPv6 addresses per device somehow limited?Ubuntu 10.4.1 server, 64 bit.
In order to get internet access at my school I have to log into a vpn. No other addresses can be accessed before login. With XP the login is authenticated through the browser (IE and Firefox supported) and run by a juniper network connect applet.
Now when I try to do this in firefox in Ubuntu it tells me that I'm not allowed to login. So I started doing a little research and found out that I should be able to authenticate with VPNC. Trouble is I can't get internet to install anything. Which means I have to download the packages in XP and reboot into Ubuntu. And every time I hit a snag I have to reboot into XP to look up what I need to do. So what I'm wondering is if there is some work around that will get me logged in (maybe through the browser authentication?) so that I can work through issues in one os instead of two?
I've used two internet services to show me my IP address, and I get different results:1. Whatsmyip.org : ***.**.109.***2. ipchicken.com : ***.**.111.***All the * numbers are same, except 109 and 111. (or link me to explanation) of which one's which?
My machine has ONE ethernet card and is on a LAN.IP address is assigned to hosts using DHCP.I can have more than one MAC address on LAN by running Virtual Machine and setting network to bridged. This way, my virtual machine simply acts like there is one more machine in the network.Running VMWare for this job is a a bit heavy on resources. Is there a way so that I can I can have 2 or more ip addresses with different MAC address on the same machine without having to run VirtualBox.
By googling, I think its related to bridging and tap. And, I am sure thatts NOT IP-ALIASING because in ip-aliasing both the ip addresses have the same MAC address.Basically, I want my system to have interfaces like:-eth0 - which was originally presentlo- thats always present :|newint0 - New interface with new MAC address and IP addresses which can access my LAN directly. Its like if I bind, let us suppose curl to this interface, its like a different connection
i have a file server running kubuntu and samba, when i plugged it into a different router, the router assigned it a different IP address (as I expected - its using DHCP) - but the old router was supplying 192.168.1.x type IP's and now the new router is suppliing 10.0.0.x type addresses.I now cannt see the samba shares on the file server.the computers can ping each other and they have working connections to the internet
I'm running a dual boot system at work. I'm connected to a few shared drives in XP, and would also like to connect to them while using Ubuntu.How do I determine the addresses of the servers I'm connected (mapped) to in XP?